SlideShare a Scribd company logo

S Rod Simpson Resume

Download as DOCX, PDF
Rod Simpson CRISC, CISM, CISA
Rod Simpson CRISC, CISM, CISA

S. Rod Simpson is an experienced IT security professional with over 25 years of experience managing information security risk, IT general controls, IT audit, and compliance at Caterpillar, Inc. He has held roles such as Enterprise Risk Acceptance Manager, IT General Controls Manager, Manager of Key Process Indicators, and Six Sigma Blackbelt. Simpson is skilled in all aspects of information security from policy to protection to audit. He is certified in CRISC, CISA, CISM, ITIL, and Six Sigma methodology.

1 of 3
S. ROD SIMPSON CRISC, CISA, CISM, 6 Sigma Black Belt East Peoria, Illinois, Mobile: 309-369-3646  srodsimpson@gmail.com INFORMATION SECURITY RISK MANAGEMENT Highly qualified IT Security professional with 25+ years of senior level domestic and international experience recently retired on an enhanced retirement package from a fortune 100 company. Enterprise level experience in applying superb management, communication and technical talents to implement corporate strategies that exceed expectations. Skilled in maximizing resources, value, and efficiency with extensive background in all stages of information security policy, IT risk management and response, IT General Controls (SoX), information classification, protection, and IT audit. Exemplary leadership experience with unique talent to enlist cooperation among partners. Excellent communication and presentation skills with the ability to effectively address multiple target audiences at all levels of management including CIO, and Executive office. Innovative thinker with a keen ability to build profitable relationships in a global business environment. Familiar with COSO/COBIT/ISO 27000/Sox/ITIL/6 Sigma DMAIC/NIST/Archer Information Security | IT Governance, Risk and Compliance | IT Audit & Controls | IT Risk Assessment | Systems Assurance | Regulatory Compliance | Process Optimization | Six Sigma Blackbelt Leadership Development | Coaching | Problem Solving | Quality Improvement PROFESSIONAL EXPERIENCE Caterpillar, Inc., Enterprise Information Security Risk Management, Peoria, IL Enterprise Risk Acceptance Manager 2012-2015  Created and managed enterprise information security risk management and response process.  Assessed changes in business and IT risks, organizational risk culture, risk tolerance and relevant IT related business initiatives to establish acceptable risk levels.  Created risk level assessment processes and ensured appropriate levels of IT and business management were involved in reviewing and accepting risks; managed remediation and mitigation requirements. Enterprise IT General Controls Manager 2010-2012  Managed the Information Technology General Controls (ITGC’s) for the global enterprise in coordination with Information Services, Financial Services Risk and Controls division, Corporate Auditing and external auditors.  Served as the enterprise primary technical expert on the ITGC's responsible for the definition, application, implementation and continual improvement of the ITGC's, including IT SoX controls.  Managed reporting, testing, issue management, remediation and re-testing of SOX IT Controls. IT Service Management – Manager of Key Process Indicators (KPI's) & Metrics 2007-2010  Developed and managed top tier metrics and key process/performance indicators for IT Service Management processes (incident, change, problem and service level management).  Developed and implemented key ITSM metrics for Priority 1 Incidents and Mean Time to Repair (MTTR); established regular usage as measures that were used globally to determine annual IT bonuses.  Sponsored 6 Sigma projects establishing enterprise metrics, operational reports; improved the Service Level (SLA)/Operation Level Agreement (OLA) metrics reporting process ($40,000 annual savings).  Created and maintained controls for ITSM Assessments to ensure consistent execution of common ITSM processes world-wide; established and implemented IT Service Management metrics. 6 Sigma Blackbelt - IT Service Management 2004-2007  Certified in DMAIC 6 Sigma methodology with value proposition of over $1M dollars.  Six Sigma Black Belt for implementation of ITSM activities including implementation of change management processes to satisfy Sarbanes Oxley requirements.  Six Sigma Black Belt for mainframe capacity management project; provided controls for alleviating CPU overloading/peak demand periods with a savings of $430,000/year.  Six Sigma Black Belt for implementing IT Service Level Management for the Caterpillar Enterprise Machine Ordering System (CMOPS).  Implemented an IT Service management process that resulted in a $1.5M reduction in support costs.
S. ROD SIMPSON East Peoria, Illinois Mobile: 309-369-3646  srodsimpson@gmail.com Sr. IT Auditor - Internal Audit and Compliance 2000-2004  Performed facility and systems audits, security reviews, and IT assessments for both domestic and international Caterpillar facilities.  Featured speaker on information protection at the National MIS Infosecworld Conference in 2001.  Achieved industry certification Information Systems Auditor and Information Security Manager from Information Systems and Control Association (ISACA).  Participated on 6Sigma project for improving Caterpillar’s assurance process and implementing processes to support the Sarbanes-Oxley Act.  Introduced new web links in audit reports to provide guidance to auditees to resolve audit observations; served as an expert for aligning Corporate Information Security Procedures to the IT facility audit. Information Security Program Manager – Information Security Services 1997-2000  Managed Information Security Program of six major initiatives and fourteen security related projects.  Created instrumental business case to obtain funding for the entire Information Security Program.  Successfully utilized web technologies, facility visits, and communications; contributed to 44% increase in awareness and knowledge of information protection; guidelines implemented as enterprise policy.  Managed multiple enterprise information security initiatives to protect business assets such as Intellectual Properties, Document Management, Records Management and Corporate Human Resources.  Provided data access guidelines and authentication methods; the project was nominated for the Corporate Award of Excellence.  Introduced Security icon and published security articles in Worldwide Caterpillar media; awareness efforts resulted in 15% improvement overall awareness.  Secured access to critical intranet based information previously unavailable; resulted in a process allowing employees at Joint Venture sites to have secure direct high speed connectivity to Intranet assets.  Represented Caterpillar in security program benchmarking efforts with eight US based companies; conducted additional benchmarking with the Concours Group for Information Security/Data Privacy. Corporate Information Security Awareness Coordinator  Managed staff and projects to ensure protection of Caterpillar's information assets; created, implemented and maintained a new corporate security awareness program.  Directed the rollout of a new Security Awareness Video for multiple corporate groups and business units, including senior executive management.  Co-authored, coordinated and executed an information security updates at 14 major Caterpillar facilities in the United States and Europe.  Created a security awareness program and performed a global implementation at 14 major facilities in Europe and the Americas.  Planned and executed an Enterprise Global Information Security Summit; served as a presenter/host for IT Security professionals from Europe, the Americas and Asia Pacific. Supervisor - Network & Information Security Services Team  Supervised staff of 10 individuals responsible for supporting the overall plant computing networks for two business units; provided direction and control of information security.  Implemented and managed division processes for career planning/objectives planning; managed employee moves for over 40% of Information Technology staff in 1996.  Managed budget and charge-back processes for network and security related initiatives; conducted outsourcing studies for network support, help desk, and asset management.  Improved network availability from a baseline of 8-10 hour major plant-wide outages occurring weekly by upgrading network bandwidth and implementing response processes. Implemented an ongoing security awareness program in partnership with Corporate Information Security Services; assisted in the creation of a security awareness video.
S. ROD SIMPSON East Peoria, Illinois Mobile: 309-369-3646  srodsimpson@gmail.com PROFESSIONAL DEVELOPMENT AND CERTIFICATION Certified in Risk and Information Systems Control: CRISC (2016) Certified 6 Sigma Black Belt: Caterpillar Inc. (2005) Certified Information Security Manager: ISACA (2003) Certified Information Systems Auditor: ISACA (2001) President: ISACA Illini Chapter ITIL KPI/Metrics Certified ITIL Foundations Certified Trained in Situational Leadership and Participative Management Trained in Organizational Change Management

Recommended

MCGlobalTech Service Presentation
MCGlobalTech Service PresentationMCGlobalTech Service Presentation
MCGlobalTech Service PresentationWilliam McBorrough
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Dam Frank
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015Capgemini
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy Dam Frank
 
Developing Metrics for Information Security Governance
Developing Metrics for Information Security GovernanceDeveloping Metrics for Information Security Governance
Developing Metrics for Information Security Governancedigitallibrary
 
Developing A Risk Based Information Security Program
Developing A Risk Based Information Security ProgramDeveloping A Risk Based Information Security Program
Developing A Risk Based Information Security ProgramTammy Clark
 
Implementing Business Aligned Security Strategy Dane Warren Li
Implementing Business Aligned Security Strategy Dane Warren LiImplementing Business Aligned Security Strategy Dane Warren Li
Implementing Business Aligned Security Strategy Dane Warren LiDaneWarren
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security RoadmapElliott Franklin
 

Recommended

MCGlobalTech Service Presentation
MCGlobalTech Service PresentationMCGlobalTech Service Presentation
MCGlobalTech Service PresentationWilliam McBorrough
 
Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Information Security Governance and Strategy - 3
Information Security Governance and Strategy - 3Dam Frank
 
Information Security Benchmarking 2015
Information Security Benchmarking 2015Information Security Benchmarking 2015
Information Security Benchmarking 2015Capgemini
 
Information Security Governance and Strategy
Information Security Governance and Strategy Information Security Governance and Strategy
Information Security Governance and Strategy Dam Frank
 
Developing Metrics for Information Security Governance
Developing Metrics for Information Security GovernanceDeveloping Metrics for Information Security Governance
Developing Metrics for Information Security Governancedigitallibrary
 
Developing A Risk Based Information Security Program
Developing A Risk Based Information Security ProgramDeveloping A Risk Based Information Security Program
Developing A Risk Based Information Security ProgramTammy Clark
 
Implementing Business Aligned Security Strategy Dane Warren Li
Implementing Business Aligned Security Strategy Dane Warren LiImplementing Business Aligned Security Strategy Dane Warren Li
Implementing Business Aligned Security Strategy Dane Warren LiDaneWarren
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security RoadmapElliott Franklin
 
Trends in Information Security
Trends in Information SecurityTrends in Information Security
Trends in Information SecurityCompTIA
 
What is iso 27001 isms
What is iso 27001 ismsWhat is iso 27001 isms
What is iso 27001 ismsCraig Willetts ISO Expert
 
Cyber Security in the Digital Age: A Survey and its Analysis
Cyber Security in the Digital Age: A Survey and its AnalysisCyber Security in the Digital Age: A Survey and its Analysis
Cyber Security in the Digital Age: A Survey and its AnalysisRahul Neel Mani
 
Developing an Information Security Program
Developing an Information Security ProgramDeveloping an Information Security Program
Developing an Information Security ProgramShauna_Cox
 
Iso 27001 2013
Iso 27001 2013Iso 27001 2013
Iso 27001 2013Magda CHELLY, Ph.D, S-CISO, CISSP®
 
CISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITCISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITShivamSharma909
 
Sudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity modelSudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity modelnooralmousa
 
Enterprise governance risk_compliance_fcm slides
Enterprise governance risk_compliance_fcm slidesEnterprise governance risk_compliance_fcm slides
Enterprise governance risk_compliance_fcm slidesEnterpriseGRC Solutions, Inc.
 
The best way to use ISO 27001
The best way to use ISO 27001The best way to use ISO 27001
The best way to use ISO 27001powertech
 
Information Security Governance: Concepts, Security Management & Metrics
Information Security Governance: Concepts, Security Management & MetricsInformation Security Governance: Concepts, Security Management & Metrics
Information Security Governance: Concepts, Security Management & MetricsOxfordCambridge
 
ISO 27001 Implementation using Force Field Analysis
ISO 27001 Implementation using Force Field AnalysisISO 27001 Implementation using Force Field Analysis
ISO 27001 Implementation using Force Field AnalysisPECB
 
Information Security between Best Practices and ISO Standards
Information Security between Best Practices and ISO StandardsInformation Security between Best Practices and ISO Standards
Information Security between Best Practices and ISO StandardsPECB
 
Reduce admin time by 60% - Here is how
Reduce admin time by 60% - Here is how Reduce admin time by 60% - Here is how
Reduce admin time by 60% - Here is how Craig Willetts ISO Expert
 
Business Continuity Management: How to get started
Business Continuity Management: How to get startedBusiness Continuity Management: How to get started
Business Continuity Management: How to get startedIT Governance Ltd
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewShankar Subramaniyan
 
ISMS implementation challenges-KASYS
ISMS implementation challenges-KASYSISMS implementation challenges-KASYS
ISMS implementation challenges-KASYSReza Teynia ISMS, ITSM, MSc
 
TyroneResume[1]
TyroneResume[1]TyroneResume[1]
TyroneResume[1]Tyrone Parker, MBA
 
Security policy
Security policySecurity policy
Security policyDhani Ahmad
 
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,..."I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...Anup Narayanan
 
Iso 27001 2005- by netpeckers consulting
Iso 27001 2005- by netpeckers consultingIso 27001 2005- by netpeckers consulting
Iso 27001 2005- by netpeckers consultingIskcon Ahmedabad
 
Manual pcd-versaofinal
Manual pcd-versaofinalManual pcd-versaofinal
Manual pcd-versaofinalACECTALCT
 
INDIVIDUAL HONORS OF ATHLETES COACHED AT (2)
INDIVIDUAL HONORS OF ATHLETES COACHED AT (2)INDIVIDUAL HONORS OF ATHLETES COACHED AT (2)
INDIVIDUAL HONORS OF ATHLETES COACHED AT (2)Jerry Kantor
 

More Related Content

What's hot

Trends in Information Security
Trends in Information SecurityTrends in Information Security
Trends in Information SecurityCompTIA
 
Cyber Security in the Digital Age: A Survey and its Analysis
Cyber Security in the Digital Age: A Survey and its AnalysisCyber Security in the Digital Age: A Survey and its Analysis
Cyber Security in the Digital Age: A Survey and its AnalysisRahul Neel Mani
 
Developing an Information Security Program
Developing an Information Security ProgramDeveloping an Information Security Program
Developing an Information Security ProgramShauna_Cox
 
CISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITCISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITShivamSharma909
 
Sudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity modelSudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity modelnooralmousa
 
The best way to use ISO 27001
The best way to use ISO 27001The best way to use ISO 27001
The best way to use ISO 27001powertech
 
Information Security Governance: Concepts, Security Management & Metrics
Information Security Governance: Concepts, Security Management & MetricsInformation Security Governance: Concepts, Security Management & Metrics
Information Security Governance: Concepts, Security Management & MetricsOxfordCambridge
 
ISO 27001 Implementation using Force Field Analysis
ISO 27001 Implementation using Force Field AnalysisISO 27001 Implementation using Force Field Analysis
ISO 27001 Implementation using Force Field AnalysisPECB
 
Information Security between Best Practices and ISO Standards
Information Security between Best Practices and ISO StandardsInformation Security between Best Practices and ISO Standards
Information Security between Best Practices and ISO StandardsPECB
 
Business Continuity Management: How to get started
Business Continuity Management: How to get startedBusiness Continuity Management: How to get started
Business Continuity Management: How to get startedIT Governance Ltd
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewShankar Subramaniyan
 
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,..."I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...Anup Narayanan
 
Iso 27001 2005- by netpeckers consulting
Iso 27001 2005- by netpeckers consultingIso 27001 2005- by netpeckers consulting
Iso 27001 2005- by netpeckers consultingIskcon Ahmedabad
 

What's hot (20)

Trends in Information Security
Trends in Information SecurityTrends in Information Security
Trends in Information Security
 
What is iso 27001 isms
What is iso 27001 ismsWhat is iso 27001 isms
What is iso 27001 isms
 
Cyber Security in the Digital Age: A Survey and its Analysis
Cyber Security in the Digital Age: A Survey and its AnalysisCyber Security in the Digital Age: A Survey and its Analysis
Cyber Security in the Digital Age: A Survey and its Analysis
 
Developing an Information Security Program
Developing an Information Security ProgramDeveloping an Information Security Program
Developing an Information Security Program
 
Iso 27001 2013
Iso 27001 2013Iso 27001 2013
Iso 27001 2013
 
CISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITCISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of IT
 
Sudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity modelSudarsan Jayaraman - Open information security management maturity model
Sudarsan Jayaraman - Open information security management maturity model
 
Enterprise governance risk_compliance_fcm slides
Enterprise governance risk_compliance_fcm slidesEnterprise governance risk_compliance_fcm slides
Enterprise governance risk_compliance_fcm slides
 
The best way to use ISO 27001
The best way to use ISO 27001The best way to use ISO 27001
The best way to use ISO 27001
 
Information Security Governance: Concepts, Security Management & Metrics
Information Security Governance: Concepts, Security Management & MetricsInformation Security Governance: Concepts, Security Management & Metrics
Information Security Governance: Concepts, Security Management & Metrics
 
ISO 27001 Implementation using Force Field Analysis
ISO 27001 Implementation using Force Field AnalysisISO 27001 Implementation using Force Field Analysis
ISO 27001 Implementation using Force Field Analysis
 
Information Security between Best Practices and ISO Standards
Information Security between Best Practices and ISO StandardsInformation Security between Best Practices and ISO Standards
Information Security between Best Practices and ISO Standards
 
Reduce admin time by 60% - Here is how
Reduce admin time by 60% - Here is how Reduce admin time by 60% - Here is how
Reduce admin time by 60% - Here is how
 
Business Continuity Management: How to get started
Business Continuity Management: How to get startedBusiness Continuity Management: How to get started
Business Continuity Management: How to get started
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process Overview
 
ISMS implementation challenges-KASYS
ISMS implementation challenges-KASYSISMS implementation challenges-KASYS
ISMS implementation challenges-KASYS
 
TyroneResume[1]
TyroneResume[1]TyroneResume[1]
TyroneResume[1]
 
Security policy
Security policySecurity policy
Security policy
 
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,..."I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
"I am Certified, but am I Safe?" - Information Security Summit, Kuala Lumpur,...
 
Iso 27001 2005- by netpeckers consulting
Iso 27001 2005- by netpeckers consultingIso 27001 2005- by netpeckers consulting
Iso 27001 2005- by netpeckers consulting
 

Viewers also liked

Manual pcd-versaofinal
Manual pcd-versaofinalManual pcd-versaofinal
Manual pcd-versaofinalACECTALCT
 
INDIVIDUAL HONORS OF ATHLETES COACHED AT (2)
INDIVIDUAL HONORS OF ATHLETES COACHED AT (2)INDIVIDUAL HONORS OF ATHLETES COACHED AT (2)
INDIVIDUAL HONORS OF ATHLETES COACHED AT (2)Jerry Kantor
 
tyabutcher_portfolio
tyabutcher_portfoliotyabutcher_portfolio
tyabutcher_portfolioTyson Butcher
 
производство детского питания
производство детского питанияпроизводство детского питания
производство детского питанияКундыз Кошанова
 
“Kreshmesha e Arbërisë”: aspetti della bambola quaresimale a Lungro
“Kreshmesha e Arbërisë”: aspetti della bambola quaresimale a Lungro“Kreshmesha e Arbërisë”: aspetti della bambola quaresimale a Lungro
“Kreshmesha e Arbërisë”: aspetti della bambola quaresimale a LungroPro Loco "Arbëria"
 
Bm group1 sec_b_2016
Bm group1 sec_b_2016Bm group1 sec_b_2016
Bm group1 sec_b_2016Isha Khan
 
Pham thanh nga vn ttt roundtable event
Pham thanh nga vn ttt roundtable eventPham thanh nga vn ttt roundtable event
Pham thanh nga vn ttt roundtable eventNga Pham
 

Viewers also liked (15)

Manual pcd-versaofinal
Manual pcd-versaofinalManual pcd-versaofinal
Manual pcd-versaofinal
 
INDIVIDUAL HONORS OF ATHLETES COACHED AT (2)
INDIVIDUAL HONORS OF ATHLETES COACHED AT (2)INDIVIDUAL HONORS OF ATHLETES COACHED AT (2)
INDIVIDUAL HONORS OF ATHLETES COACHED AT (2)
 
Resume MB 2016
Resume MB 2016Resume MB 2016
Resume MB 2016
 
tyabutcher_portfolio
tyabutcher_portfoliotyabutcher_portfolio
tyabutcher_portfolio
 
Ximena
XimenaXimena
Ximena
 
Finanzas
FinanzasFinanzas
Finanzas
 
производство детского питания
производство детского питанияпроизводство детского питания
производство детского питания
 
352 Final paper
352 Final paper 352 Final paper
352 Final paper
 
“Kreshmesha e Arbërisë”: aspetti della bambola quaresimale a Lungro
“Kreshmesha e Arbërisë”: aspetti della bambola quaresimale a Lungro“Kreshmesha e Arbërisë”: aspetti della bambola quaresimale a Lungro
“Kreshmesha e Arbërisë”: aspetti della bambola quaresimale a Lungro
 
Ophtalmology
OphtalmologyOphtalmology
Ophtalmology
 
Il nostro lavoro... in Comune
Il nostro lavoro... in ComuneIl nostro lavoro... in Comune
Il nostro lavoro... in Comune
 
Bm group1 sec_b_2016
Bm group1 sec_b_2016Bm group1 sec_b_2016
Bm group1 sec_b_2016
 
NCB
NCBNCB
NCB
 
4.Estimación linea base
4.Estimación linea base4.Estimación linea base
4.Estimación linea base
 
Pham thanh nga vn ttt roundtable event
Pham thanh nga vn ttt roundtable eventPham thanh nga vn ttt roundtable event
Pham thanh nga vn ttt roundtable event
 

Similar to S Rod Simpson Resume

CV of Mohan M
CV of Mohan MCV of Mohan M
CV of Mohan MMohan M
 
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAEIT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE360 BSI
 
Proteus OCM Company Profile
Proteus OCM Company ProfileProteus OCM Company Profile
Proteus OCM Company ProfileKGanzy
 
DianeOakleyResume20170130
DianeOakleyResume20170130DianeOakleyResume20170130
DianeOakleyResume20170130Diane Oakley
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'aFahmi Albaheth
 
Bill_Haase_Resume Dec 2015
Bill_Haase_Resume Dec 2015Bill_Haase_Resume Dec 2015
Bill_Haase_Resume Dec 2015Bill Haase
 
Resume-Amit 1.0
Resume-Amit 1.0Resume-Amit 1.0
Resume-Amit 1.0Amit Verma
 
MCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationMCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationWilliam McBorrough
 
Bayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance AnalystBayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance AnalystBayo Omisore.
 
C_COHEN_RESUME
C_COHEN_RESUMEC_COHEN_RESUME
C_COHEN_RESUMECarl Cohen
 
Jeff Chugg Professional Resume - 01-23-2017
Jeff Chugg Professional Resume - 01-23-2017Jeff Chugg Professional Resume - 01-23-2017
Jeff Chugg Professional Resume - 01-23-2017Jeff Chugg
 
IT Information Security Management Principles, 15 - 18 May 2016 Dubai UAE
IT Information Security Management Principles, 15 - 18 May 2016 Dubai UAEIT Information Security Management Principles, 15 - 18 May 2016 Dubai UAE
IT Information Security Management Principles, 15 - 18 May 2016 Dubai UAE360 BSI
 
Preston Williams III Curriculum Vitae (CV)
Preston Williams III Curriculum Vitae (CV)Preston Williams III Curriculum Vitae (CV)
Preston Williams III Curriculum Vitae (CV)Preston Williams III
 
Erwin (Chris) Carrow resume Brief 10-23-2015
Erwin (Chris) Carrow resume Brief 10-23-2015Erwin (Chris) Carrow resume Brief 10-23-2015
Erwin (Chris) Carrow resume Brief 10-23-2015Erwin Carrow
 
Infocon Bangladesh 2016
Infocon Bangladesh 2016Infocon Bangladesh 2016
Infocon Bangladesh 2016Prime Infoserv
 
IT Information Security Management Principles, 23 - 26 November 2015 Dubai UAE
IT Information Security Management Principles, 23 - 26 November 2015 Dubai UAEIT Information Security Management Principles, 23 - 26 November 2015 Dubai UAE
IT Information Security Management Principles, 23 - 26 November 2015 Dubai UAE360 BSI
 

Similar to S Rod Simpson Resume (20)

CV of Mohan M
CV of Mohan MCV of Mohan M
CV of Mohan M
 
Gill_Pat.2016.Resume.CISO.1
Gill_Pat.2016.Resume.CISO.1Gill_Pat.2016.Resume.CISO.1
Gill_Pat.2016.Resume.CISO.1
 
MullaneyChrisER
MullaneyChrisERMullaneyChrisER
MullaneyChrisER
 
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAEIT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE
 
Proteus OCM Company Profile
Proteus OCM Company ProfileProteus OCM Company Profile
Proteus OCM Company Profile
 
DianeOakleyResume20170130
DianeOakleyResume20170130DianeOakleyResume20170130
DianeOakleyResume20170130
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'a
 
Bill_Haase_Resume Dec 2015
Bill_Haase_Resume Dec 2015Bill_Haase_Resume Dec 2015
Bill_Haase_Resume Dec 2015
 
Resume-Amit 1.0
Resume-Amit 1.0Resume-Amit 1.0
Resume-Amit 1.0
 
MCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service PresentationMCGlobalTech Consulting Service Presentation
MCGlobalTech Consulting Service Presentation
 
Bayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance AnalystBayo Omisore, IT Auditor-Compliance Analyst
Bayo Omisore, IT Auditor-Compliance Analyst
 
C_COHEN_RESUME
C_COHEN_RESUMEC_COHEN_RESUME
C_COHEN_RESUME
 
Jeff Chugg Professional Resume - 01-23-2017
Jeff Chugg Professional Resume - 01-23-2017Jeff Chugg Professional Resume - 01-23-2017
Jeff Chugg Professional Resume - 01-23-2017
 
IT Information Security Management Principles, 15 - 18 May 2016 Dubai UAE
IT Information Security Management Principles, 15 - 18 May 2016 Dubai UAEIT Information Security Management Principles, 15 - 18 May 2016 Dubai UAE
IT Information Security Management Principles, 15 - 18 May 2016 Dubai UAE
 
CV 2.4 18/06/2016
CV 2.4 18/06/2016CV 2.4 18/06/2016
CV 2.4 18/06/2016
 
Preston Williams III Curriculum Vitae (CV)
Preston Williams III Curriculum Vitae (CV)Preston Williams III Curriculum Vitae (CV)
Preston Williams III Curriculum Vitae (CV)
 
Erwin (Chris) Carrow resume Brief 10-23-2015
Erwin (Chris) Carrow resume Brief 10-23-2015Erwin (Chris) Carrow resume Brief 10-23-2015
Erwin (Chris) Carrow resume Brief 10-23-2015
 
Infocon Bangladesh 2016
Infocon Bangladesh 2016Infocon Bangladesh 2016
Infocon Bangladesh 2016
 
Applying Lean for information security operations centre
Applying Lean for information security operations centreApplying Lean for information security operations centre
Applying Lean for information security operations centre
 
IT Information Security Management Principles, 23 - 26 November 2015 Dubai UAE
IT Information Security Management Principles, 23 - 26 November 2015 Dubai UAEIT Information Security Management Principles, 23 - 26 November 2015 Dubai UAE
IT Information Security Management Principles, 23 - 26 November 2015 Dubai UAE
 

S Rod Simpson Resume

  • 1. S. ROD SIMPSON CRISC, CISA, CISM, 6 Sigma Black Belt East Peoria, Illinois, Mobile: 309-369-3646  srodsimpson@gmail.com INFORMATION SECURITY RISK MANAGEMENT Highly qualified IT Security professional with 25+ years of senior level domestic and international experience recently retired on an enhanced retirement package from a fortune 100 company. Enterprise level experience in applying superb management, communication and technical talents to implement corporate strategies that exceed expectations. Skilled in maximizing resources, value, and efficiency with extensive background in all stages of information security policy, IT risk management and response, IT General Controls (SoX), information classification, protection, and IT audit. Exemplary leadership experience with unique talent to enlist cooperation among partners. Excellent communication and presentation skills with the ability to effectively address multiple target audiences at all levels of management including CIO, and Executive office. Innovative thinker with a keen ability to build profitable relationships in a global business environment. Familiar with COSO/COBIT/ISO 27000/Sox/ITIL/6 Sigma DMAIC/NIST/Archer Information Security | IT Governance, Risk and Compliance | IT Audit & Controls | IT Risk Assessment | Systems Assurance | Regulatory Compliance | Process Optimization | Six Sigma Blackbelt Leadership Development | Coaching | Problem Solving | Quality Improvement PROFESSIONAL EXPERIENCE Caterpillar, Inc., Enterprise Information Security Risk Management, Peoria, IL Enterprise Risk Acceptance Manager 2012-2015  Created and managed enterprise information security risk management and response process.  Assessed changes in business and IT risks, organizational risk culture, risk tolerance and relevant IT related business initiatives to establish acceptable risk levels.  Created risk level assessment processes and ensured appropriate levels of IT and business management were involved in reviewing and accepting risks; managed remediation and mitigation requirements. Enterprise IT General Controls Manager 2010-2012  Managed the Information Technology General Controls (ITGC’s) for the global enterprise in coordination with Information Services, Financial Services Risk and Controls division, Corporate Auditing and external auditors.  Served as the enterprise primary technical expert on the ITGC's responsible for the definition, application, implementation and continual improvement of the ITGC's, including IT SoX controls.  Managed reporting, testing, issue management, remediation and re-testing of SOX IT Controls. IT Service Management – Manager of Key Process Indicators (KPI's) & Metrics 2007-2010  Developed and managed top tier metrics and key process/performance indicators for IT Service Management processes (incident, change, problem and service level management).  Developed and implemented key ITSM metrics for Priority 1 Incidents and Mean Time to Repair (MTTR); established regular usage as measures that were used globally to determine annual IT bonuses.  Sponsored 6 Sigma projects establishing enterprise metrics, operational reports; improved the Service Level (SLA)/Operation Level Agreement (OLA) metrics reporting process ($40,000 annual savings).  Created and maintained controls for ITSM Assessments to ensure consistent execution of common ITSM processes world-wide; established and implemented IT Service Management metrics. 6 Sigma Blackbelt - IT Service Management 2004-2007  Certified in DMAIC 6 Sigma methodology with value proposition of over $1M dollars.  Six Sigma Black Belt for implementation of ITSM activities including implementation of change management processes to satisfy Sarbanes Oxley requirements.  Six Sigma Black Belt for mainframe capacity management project; provided controls for alleviating CPU overloading/peak demand periods with a savings of $430,000/year.  Six Sigma Black Belt for implementing IT Service Level Management for the Caterpillar Enterprise Machine Ordering System (CMOPS).  Implemented an IT Service management process that resulted in a $1.5M reduction in support costs.
  • 2. S. ROD SIMPSON East Peoria, Illinois Mobile: 309-369-3646  srodsimpson@gmail.com Sr. IT Auditor - Internal Audit and Compliance 2000-2004  Performed facility and systems audits, security reviews, and IT assessments for both domestic and international Caterpillar facilities.  Featured speaker on information protection at the National MIS Infosecworld Conference in 2001.  Achieved industry certification Information Systems Auditor and Information Security Manager from Information Systems and Control Association (ISACA).  Participated on 6Sigma project for improving Caterpillar’s assurance process and implementing processes to support the Sarbanes-Oxley Act.  Introduced new web links in audit reports to provide guidance to auditees to resolve audit observations; served as an expert for aligning Corporate Information Security Procedures to the IT facility audit. Information Security Program Manager – Information Security Services 1997-2000  Managed Information Security Program of six major initiatives and fourteen security related projects.  Created instrumental business case to obtain funding for the entire Information Security Program.  Successfully utilized web technologies, facility visits, and communications; contributed to 44% increase in awareness and knowledge of information protection; guidelines implemented as enterprise policy.  Managed multiple enterprise information security initiatives to protect business assets such as Intellectual Properties, Document Management, Records Management and Corporate Human Resources.  Provided data access guidelines and authentication methods; the project was nominated for the Corporate Award of Excellence.  Introduced Security icon and published security articles in Worldwide Caterpillar media; awareness efforts resulted in 15% improvement overall awareness.  Secured access to critical intranet based information previously unavailable; resulted in a process allowing employees at Joint Venture sites to have secure direct high speed connectivity to Intranet assets.  Represented Caterpillar in security program benchmarking efforts with eight US based companies; conducted additional benchmarking with the Concours Group for Information Security/Data Privacy. Corporate Information Security Awareness Coordinator  Managed staff and projects to ensure protection of Caterpillar's information assets; created, implemented and maintained a new corporate security awareness program.  Directed the rollout of a new Security Awareness Video for multiple corporate groups and business units, including senior executive management.  Co-authored, coordinated and executed an information security updates at 14 major Caterpillar facilities in the United States and Europe.  Created a security awareness program and performed a global implementation at 14 major facilities in Europe and the Americas.  Planned and executed an Enterprise Global Information Security Summit; served as a presenter/host for IT Security professionals from Europe, the Americas and Asia Pacific. Supervisor - Network & Information Security Services Team  Supervised staff of 10 individuals responsible for supporting the overall plant computing networks for two business units; provided direction and control of information security.  Implemented and managed division processes for career planning/objectives planning; managed employee moves for over 40% of Information Technology staff in 1996.  Managed budget and charge-back processes for network and security related initiatives; conducted outsourcing studies for network support, help desk, and asset management.  Improved network availability from a baseline of 8-10 hour major plant-wide outages occurring weekly by upgrading network bandwidth and implementing response processes. Implemented an ongoing security awareness program in partnership with Corporate Information Security Services; assisted in the creation of a security awareness video.
  • 3. S. ROD SIMPSON East Peoria, Illinois Mobile: 309-369-3646  srodsimpson@gmail.com PROFESSIONAL DEVELOPMENT AND CERTIFICATION Certified in Risk and Information Systems Control: CRISC (2016) Certified 6 Sigma Black Belt: Caterpillar Inc. (2005) Certified Information Security Manager: ISACA (2003) Certified Information Systems Auditor: ISACA (2001) President: ISACA Illini Chapter ITIL KPI/Metrics Certified ITIL Foundations Certified Trained in Situational Leadership and Participative Management Trained in Organizational Change Management